[Wg-p3] Preparation for USG Privacy Workshop (Aug 10th)

Georgia Marsh georgia-marsh at sbcglobal.net
Thu Aug 6 13:23:25 PDT 2009



Just returned from Europe and catching up on my e-mails. With respect to the
conversation below:


(i)Reuse of credentials certainly sounds like a federated approach to me


(ii)Up until last year, the E-Auth Initiative had detailed information
regarding agency use of SAML - in fact the Initiative worked with the
agencies on their deployments of SAML based authentication. As soon as I get
myself organized, I'll pull out some of my information for specifics and
send it on. (I was the Deputy and Acting lead of the Initiative between





From: wg-p3-bounces at kantarainitiative.org
[mailto:wg-p3-bounces at kantarainitiative.org] On Behalf Of j stollman
Sent: Tuesday, August 04, 2009 3:50 PM
To: Susan.Landau at sun.com
Cc: Kantara P3WG
Subject: Re: [Wg-p3] Preparation for USG Privacy Workshop (Aug 10th)



Sadly, the government is so large and distributed that there is unlikely to
be an enumeration of where SAML-based authentication is being used in

That said, Peter Alterman who will be attending the session from the
government side is a very savvy guy who has been working across agencies for
years and will likely be able to point to some specific implementations of
SAML-based authentication of which he is aware.


On Tue, Aug 4, 2009 at 4:20 PM, Susan Landau <Susan.Landau at sun.com> wrote:

More questions/observations:

(i)  On page 6 of the Identity Scheme Adoption Process document that Robin
sent out (written by USG) it says "One outcome of this move has been a
transition away from a Federation model to an open model ..." Later that
same page the document says, "The goals of ICAM include ... 3. Providing the
capability to re-use credentials across applications, eliminating the need
to create and maintain a credential system for each application; and ..." 
I think asking for a definition of "federation" is a very good idea. 
(ii) Do we know where the U.S. government is using SAML-based
authentication?  It would be very useful to know various current uses.  Does
anyone have an enumeration they can provide? 


Susan Landau                     phone: 413-259-2018
Distinguished Engineer           fax: 413-253-2156

      Sun Microsystems Laboratories
      MS UBUR02-311
      35 Network Drive
      Burlington MA 01803-0902

      susan.landau at sun.com

Wg-p3 mailing list
Wg-p3 at kantarainitiative.org

Jeff Stollman
stollman.j at gmail.com
1 202.683.8699

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kantarainitiative.org/pipermail/wg-p3_kantarainitiative.org/attachments/20090806/35e8494f/attachment.html>

More information about the Wg-p3 mailing list